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DETAILED ACTION 

1 . This action is responsive to communications: Amendment - After Non-Final 
Rejection filed 06/27/2005. 

2. Claims 1-38 are pending in the case. Claims 7, 8, 18, 19, 28, and 29 have been 
amended. Claims 34-38 have been added. 

Claim Rejections - 35 USC § 112 

3. The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it. in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 

4. Claim 38 is rejected under 35 U.S.C. 112, first paragraph, as failing to comply 
with the written description requirement. The claim(s) contains subject matter which 
was not described in the specification in such a way as to reasonably convey to one 
skilled in the relevant art that the inventor(s), at the time the application was filed, had 
possession of the claimed invention. Specifically, applicant states in the Amendment 
"Support for this claim can be found, inter alia, at lines 17-19 on page 47 of the 
application (Amendment, p. 10, 1. 4-5)." However, lines 17-19 on page 47 of the 
application read User Manager Or, they must be performed by the Group Manager, etc. 
Figure 20 is a flowchart describing the process of using a workflow. The process of 
Figure 20 is performed, for example, when creating a new user, a new... 

However, claim 38 cites A method according to claim 37, wherein at least one of the 
first program and the second program is external to the workflow. Neither the cited text 
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from applicants specification nor the process depicted in Figure 20 show that a program 
is external to the workflow. In fact, the cited text appears to be unrelated to the subject 
matter of claim 37. Therefore claim 37 introduces new matter and is rejected for failing 
to comply with the written description requirement. 



Claim Rejections - 35 USC § 103 

1 . The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 1-37 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Hardy et al. (hereinafter "Hardy"), U.S. Patent No. 6,073,242 issued June 6, 2000 in 
view of Howes et al. (hereinafter "Howes"), Understanding and Deploving LDAP 
Directorv Services , copyright 1999, Netscape Communications, Macmillan 
Computer Publishing ISBN 1-57870-070-1. 

3. From applicant's specification, a workflow is understood as "a process that is 
implemented by the Identity System (or other system) and automates the business 
methods" (p. 2, 1. 17-20). A domain is understood as "a logical grouping of Web Server 
host ID'S, host names, URL prefixes, and rules" (p. 16, 1. 5-6). 

Independent claim 1 cites: A method for using workflows, comprising the steps 
of: associating workflows with domains in a data structure, each domain identifies a 
portion of said data structure; 
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While Hardy teaches a method for using workflows (Col. 8, 1. 41-45), Hardy does not 
explicitly teach the steps of associating workflows with domains in a data structure, 
However, Howes teaches a process of associating workflows with domains and 
apportioning data structures (Ch. 9, Topology Design, p. 277-292). It would have been 
obvious to one of ordinary skill in the art at the time of the invention to combine the 
workflow method of Hardy with the process of Howes, so that the user would have the 
benefit of simplified workflow processing and control over user roles. 

receiving a request to perform a tasl< tliat pertains to said data structure; and 
Hardy teaches receiving a request to perform a task, in this case, a request to send 
external email (Col. 5, 1. 18-21). 

performing a first workflow for said task, said first workflow is associated with a 
first domain that includes a target of said request Hardy teaches a method of 
performing a workflow for a task where the authority server determines the email name 
and key from the target domain, performs lookups, and performs steps of a workflow 
including appending letterhead and signature, and encryption (Col. 5, 1. 15-33). Note 
that while this method refers to email, Hardy points out that the invention can be applied 
to other problems including workflow, which are similar in method to the email example 
and are therefore not described in depth (Col. 8, 1. 43-45). 

Claim 2 cites: A method according to claim 1, wherein: said step of associating 
includes associating said first workflow with said first domain, 
Hardy teaches an authority application which coordinates communications and 
encompasses all applications that make use of the authorities (Col. 9, 1. 35-49). While 
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Hardy does not explicitly teach the step of associating the first workflow with first 
domain, Howes teaches a process of associating workflows with domains and 
apportioning data structures (Ch. 9, Topology Design, p. 277-292). It would have been 
obvious to one of ordinary skill in the art at the time of the invention to combine the 
workflow method of Hardy with the process of Howes, so that the user would have the 
benefit of simplified workflow processing and control over user roles. 

said step of associating said first workflow includes choosing a first entry in said 
data structure, 

Hardy teaches a method to be applied to using workflows (Col. 8, 1. 43-45) where the 
authority application employs the user directory to resolve user references to system 
references (Col. 10, 1. 9-13). 

said data structure is a hierarchical data structure, said first domain includes said 
first entry and entries below said first entry. 

While Hardy does not explicitly teach a hierarchical data structure, Howes teaches a 
case study for directory services deployment where a directory is designed with a 
hierarchical namespace with entries below a first entry (p. 707-708). It would have been 
obvious to one of ordinary skill in the art at the time of the invention to combine the 
authority application of Hardy with the hierarchical data structure taught by Howes so 
that the users would have the benefit of a namespace based on organizational 
hierarchy, to promote future extensibility of the system. 

Claim 3 cites: A method according to claim 2, wherein: said step of performing 
includes identifying one or more workflows associated with said target 
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Hardy teaches a method of identifying applications associated with the target (Col. 9, 1. 
35-39) and associations of classes of users with applications (Col. 10, L 41-63). 

Claim 4 cites; A method according to claim 1, wherein: said request includes an 
identification of said target; 

Hardy teaches a process of receiving a request from a user to send external email to a 
destination identified by nickname, an identification of the target (Col. 5, 1. 15-33). 

said step of performing includes identifying a set of one more workflows that 
perform said task and are associated with domains that include said target, said set of 
one more workflows includes said first workflow. 

Hardy teaches identifying a set of applications which make use of or authorize the 
enterprise authorities of the users and a server which provides client/user directory 
services using LDAP (Col. 9, 1. 35-49). Thus the applications are associated with 
domains, including the target identities. Because the set of applications taught by 
Hardy includes all applications which make use of enterprise authorities, the set of 
workflows includes the first workflow. 

Claim 5 cites: A method according to claim 4, wherein: said request is a request 
to delete said target. 

While Hardy does not explicitly teach a delete request, Howes teaches a delete 
operation (p. 102). It would have been obvious to one of ordinary skill in the art at the 
time of the invention to combine Hardy with Howes so that the user would have the 
benefit of a system with full access to operations available from the LDAP directory 
service and the corresponding functionality. 
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Claim 6 cites: A method according to claim 4, wherein: said request is a request 
to modify said target 

While Hardy does not explicitly teach a modify request, Howes teaches a modify 
operation (p. 102-105). It would have been obvious to one of ordinary skill in the art at 
the time of the invention to combine Hardy with Howes so that the user would have the 
benefit of a system with full access to operations available from the LDAP directory 
service and the corresponding functionality. 

Amended claim 7 cites: A method according to claim 1, wherein: said request 
includes an identification of said target; and 

Hardy teaches a method which can be applied to using workflows, where the authority 
server receives a request with an identified target (Col. 5, 1. 15-21). 

said step of performing includes the steps of: identifying a set of one more 
workflows that perform said task and are associated with domains that include said 
target said set of one more workflows includes said first workflow, 
Hardy teaches an authority application which controls all exercise of enterprise 
authorities by the users, i.e., identifying a set of workflows associated with domains 
(Col. 9, 1. 35-49). 

reporting said set of one more workflows, 
Hardy teaches the use of databases which in response to a request by a user asking 
the authority application to perform a particular communication or transaction, the 
application determines the user's role and then processes the transaction in accordance 
with enterprise policy (Col. 11,1. 48-64). Hardy teaches a user data structure employed 
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by the directory service to map user references to system references (Col. 13, 1. 14-44), 
i.e., reporting a set of workflows available to the user identity. 

receiving from a user a selection of said first workflow, and performing one or 
more steps of said first workflow. Hardy teaches an example of the workflow method 
where the selection of the first workflow is received, and one or more steps are 
performed (Col. 13, 1. 24-44). Hardy teaches receiving a selection of a workflow 
requested by a user in claim 1 (Col. 21, 1. 66-Col. 22, 1. 11), and further lists the set of 
workflows in claim 12. Hardy also teaches that a user can delegate authorities and 
roles to other users (Col. 4, 1. 52-56), thus selecting the workflows available for access. 

Claim 8 cites: A method according to claim 1, wherein: said step of performing 
includes identifying workflows for said task, identifying domains associated with said 
workflows for said task, and receiving from a user a selection of said first workflow. 
Hardy teaches a method of identifying applications associated with the task (Col. 9, 1. 
35-39) and associations of classes of users with applications, i.e., domains (Col. 10, 1. 
41-63). These applications require the intercession of the authority application, i.e., 
receiving a selection of said first workflow. 

Hardy teaches receiving a selection of a workflow requested by a user in claim 1 
(Col. 21, 1. 66-Col. 22, 1. 11), and further lists the set of workflows in claim 12. Hardy 
also teaches that a user can delegate authorities and roles to other users (Col. 4, 1. 52- 
56), thus selecting the workflows available for access. 

Claim 9 cites: A method according to claim 1, wherein: said steps of 
associating, receiving and performing are performed by an integrated identity and 
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access system. 

Hardy teaches an authority server that supports the implementation of role-based 
enterprise policies for expressing and exercising authority and the projection and 
transfer of those authorities over networks of communicating electronic systems (Col. 3, 
I. 23-37). 

Claim 10 cites: A method according to claim 1, wlierein: said request is for self- 
registration. 

Hardy teaches a method of self-registration for external users (Col. 14, 1. 26-61). 

Claim 11 cites: A method according to claim 7, wherein: said request is from a 
parent workflow; and said first workflow is a sub-workflow to said parent workflow. 
Hardy teaches a method of using workflows, an example of the method where an email 
application attaches an indication to an outgoing email message (Col. 10, 1. 1-13). The 
email application is the parent workflow, the attachment function is a sub-workflow to 
the parent workflow. 

Claim 12 cites: A method according to claim 1, wherein: said data structure is a 
hierarchical data structure; and each domain identifies an entry in said hierarchical data 
structure and additional entries below said entry. 

While Hardy does not explicitly teach a hierarchical data structure, Howes teaches a 
case study for directory services deployment where a directory is designed with a 
hierarchical namespace with entries below a first entry (p. 707-708). It would have been 
obvious to one of ordinary skill in the art at the time of the invention to combine the 
authority application of Hardy with the hierarchical data structure taught by Howes so 



Application/Control Number: 09/998,895 Page 10 

Art Unit: 2176 

that the users would have the benefit of a namespace based on organizational 
hierarchy, to promote future extensibility of the system. 

Claim 13 cites: A method according to claim 12, wherein: said hierarchical data 
structure includes an LDAP directory. 

Howe teaches the case study for directory services deployment utilizing a hierarchical 
data structure in the book Understanding and Deploying LDAP Directory Services , and 
it would have been obvious to one of ordinary skill in the art at the time of the invention 
that the hierarchical data structure included an LDAP directory. 

In regard to independent claim 14, claim 14 reflects the processor readable 
storage device(s) having processor readable code used to perform the method as 
claimed in claim 1 , and is rejected along the same rationale. 

In regard to dependent claims 15-23, claims 15-23 reflect the processor 
readable storage device(s) having processor readable code used to perform the method 
as claimed in claims 2, 3, 4, 7-9, 11-13, and are rejected along the same rationale. 

In regard to independent claim 24, claim 24 reflects the apparatus used to 
perform the method as claimed in claim 1 , and is rejected along the same rationale. 

Claim 26 cites: An apparatus according to claim 25, wherein: said step of 
performing includes identifying one or more workflows associated with said target and 
enthes in said hierarchical data structure that are above said target 
Hardy teaches a method of identifying applications associated with the target (Col. 9, 1. 
35-39) and associations of a target with applications (Col. 10, 1. 41-63). Hardy teaches 



Application/Control Number: 09/998,895 Page 1 1 

Art Unit: 2176 

requests by a lower level authority server for access to system resources controlled at 
a higher level (CoL 21,1. 19-43). 

In regard to dependent claims 25, 27-33, claims 25, 27-33 reflect the 
apparatus used to perform the method as claimed in claims 2, 4, 7-9, 11-13, and are 
rejected along the same rationale. 

New claim 34 cites: A method according to claim 7, wherein said target is a 
target identity profile, and wherein said task comprises managing said target identity 
profile. 

Hardy teaches that each user has an identity profile, including a name or other identifier, 
roles, authorities, a key or certificate, and a directory (Col. 7, 1. 43-59). Hardy teaches 
receiving a selection of a workflow requested by a user in claim 1 (CoL 21, 1. 66-Col. 22, 
I. 11), and further lists the set of workflows in claim 12. Hardy also teaches that a user 
can delegate authorities and roles to other users (Col. 4, 1. 52-56), thus selecting the 
workflows available for access and managing target identity profiles. 

New claim 35 cites: A method according to claim 34, wherein managing said 
identity profile comprises one or more tasks selected from the group consisting of: 
creating a user, deleting a user, changing a user attribute, creating a group, deleting a 
group, and changing a group attribute. 

Hardy teaches an embodiment which includes an information manager that enables 
each user, or system administrator, to update and maintain the role, key, and address 
book information maintained in the server and to delegate and transfer authorities, i.e., 
creating a user, changing a user attribute (Col. 5, 1. 42-46). 
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New claim 36 cites: A method according to claim 34, wherein managing said 
identity profile comprises managing a certificate associated with said identity profile. 
Hardy teaches the use of certificates, and the mapping of authority references, i.e., 
names, to the certificates (Col. 4, 1. 23-36). 

New claim 37 cites: A method according to claim 7, wherein: said first workflow 
comprises a predefined set of steps that perform said task, said predefined set of steps 
comprising a first step and a second step; said first step is performed by a first program; 
said second step is performed by a second program; and information is passed 
between said first program and said second program according to a defined set of rules. 
Hardy teaches a rules database that defines workflow procedures and authorized roles 
permitted to perform respective steps of the workflow procedures (Claim 45), i.e., a 
predefined set of steps and defined set of rules. For example, Hardy teaches the 
workflow steps required to cut a check, pay payroll, etc. (Col. 20, 1. 1-4). Hardy teaches 
user applications run by a user such as web browsers, word processors, spreadsheets, 
and e-mail program; these applications are the originators of request that give rise to 
intervention by the authority application (Col. 13, 1. 1-10), that is, the information is 
passed between these programs according to the defined set of rules in the rules 
database, which is part of the authority application. Therefore, it would have been 
obvious to one of ordinary skill in the art at the time of the invention that the rules 
database that defines workflow procedures, steps, and rules could be used to define 
steps that would be performed by multiple application programs, and the information 
passed between those programs. 
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Response to Arguments 

4. Applicant's arguments with respect to claims 7, 8, 18, 19, 28, and 29 have been 
considered but are moot in view of the new ground(s) of rejection. The newly applied 
prior art (Hardy) teaches the newly claimed limitation "receiving from a user a selection 
of said first work flow." 

5. Applicant's arguments filed 06/27/2005 have been fully considered but they are 
not persuasive. 

6. In response to applicant's argument that there is no suggestion to combine the 
references, the examiner recognizes that obviousness can only be established by 
combining or modifying the teachings of the prior art to produce the claimed invention 
where there is some teaching, suggestion, or motivation to do so found either in the 
references themselves or in the knowledge generally available to one of ordinary skill in 
the art. See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988)and In re 
Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992). In this case, both applications 
are directed toward directory services. Further, the Hardy patent teaches an authority 
server that uses directory services. Howes discloses the step-by-step methods of 
applying directory services because Howes is a textbook. It would have been obvious 
to one of ordinary skill in the art at the time of the invention to combine the two 
references since both were published and publicly available at the time of the invention. 

7. Applicant argues, regarding claim 1 , that Howes does not teach associating 
workflows with domains in a data structure because the cited portion of Howes does not 
mention the words "workflow" or "domain". However, Applicant defines in the 
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specification a workflow as "a process that is implemented by the Identity System (or 
other system) and automates the business methods" (p. 2, 1. 17-20). That is, a workflow 
is any process implemented by any system that automates business methods. Using 
the definition supplied by the applicant, Howes discloses numerous workflow processes, 
such as authentication, authorization, and messaging applications (p. 279-280) which 
automate business methods, such as passing messages. Howes discloses detailed 
methods of associating these workflow processes with domains in a directory data 
structure. 

A domain is defined in Applicant's specification as "a logical grouping of Web 
Server host ID's, host names, URL prefixes, and rules" (p. 16, 1. 5-6). Howes discloses 
such a logical grouping of host ID's, host names, URL prefixes, and rules in Figures 
9.14 >A Network Topology Map Showing the Location ofArius's Directory Enabled 
Applications, and 9A5Arius's namespace design (p. 286-287) as well as in the 
previously cited text. Therefore Howes does teach the limitation of claim 1 . 
8. In response to applicant's arguments against the references individually, one 
cannot show nonobviousness by attacking references individually where the rejections 
are based on combinations of references. See In re Keller, 642 F.2d 413, 208 
USPQ 871 (CCPA 1981); In re Merck & Co,, 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 
1986). 

Applicant argues that Hardy does not teach performing a workflow because 
Hardy states that the invention can be applied to a workflow in a method similar to the 
detailed e-mail example of the disclosure (Col. 8, 1. 41-45) but does not discuss the 
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workflow implementation in detail. The examiner respectfully disagrees. While the 
examiner cited this passage to clarify to the applicant that the processes disclosed by 
Hardy in the e-mail example would be similarly applied to the workflow implementation, 
the passage should not be interpreted as stating that Hardy does not teach performing a 
workflow. Hardy does teach an authority server to be used with workflows. The method 
of applying the invention to workflows would have been obvious to one of ordinary skill 
in the art at the time of the invention, because the authority server would be applied to 
workflows using the same methods that are explained in the detailed description, as 
disclosed by Hardy in the cited passage (Col. 8, 1. 41-45). The implementation of 
workflow processes is disclosed throughout the Hardy patent as claimed in claim 45, 
described in the statement that the objective of the invention is to provide simplified 
workflow processing (Col. 3, 1. 18-19), provided in the listing of typical workflow 
applications (Col. 10, I. 50-63), etc. 

Applicant's arguments regarding the dependent claims are generally based on 
the fact that Hardy and Howe do not use the specific word "workflow". However, based 
on applicant's definitions as cited above. Hardy and Howe do teach workflow 
processes. Further, applicant mischaracterizes multiple passages of Hardy cited in the 
office action by pointing out that Hardy does not use exactly the same words to describe 
the disclosed invention as used by the applicant in the claims. However, Hardy does 
teach the limitations of the claims and the meaning of the cited passages would have 
been conceptually equivalent to the claim language used, for one of ordinary skill in the 
art. 
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In regard to claims 9 and 20, in response to applicant's argument that the 
references fail to show certain features of applicant's invention (Amendment, p. 14, par. 
2), it is noted that the features upon which applicant relies (i.e., Specification, p. 9, 1. 8- 
12) are not recited in the rejected claim(s). Although the claims are interpreted in light 
of the specification, limitations from the specification are not read into the claims. See 
In re Van Geuns, 988 F.2d 1181. 26 USPQ2d 1057 (Fed. Cir. 1993). 

Conclusion 

9. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this OfHce action. Accordingly. THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Amelia Rutledge whose telephone number is 571-272- 
7508. The examiner can normally be reached on Monday - Friday 9:30 - 6:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Heather Herndon can be reached on 571-272-4136. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 




